-
Israeli Firm Paragon Attack WhatsApp With New Zero-Click Spyware
WhatsApp revealed on Friday that a “zero-click” spyware attack, attributed to the Israeli firm Paragon, has targeted scores of users worldwide, including journalists and members of civil society. The spyware targeted nearly 100 WhatsApp users, including journalists, and did not require any user interaction, nor did it require clicking links or opening attachments, making it…
-
A week in security (January 27 – February 2)
Last week on Malwarebytes Labs: ClickFix vs. traditional download in new DarkGate campaign Cybercrime gets a few punches on the nose Microsoft advertisers phished via malicious Google ads The DeepSeek controversy: Authorities ask where does the data come from and how safe is it? These are the 10 worst PIN codes Apple users: Update your…
-
CVE-2024-10395 – Apache HTTP Server Input Validation Vulnerability
CVE ID : CVE-2024-10395 Published : Feb. 3, 2025, 7:15 a.m. | 49 minutes ago Description : No proper validation of the length of user input in http_server_get_content_type_from_extension. Severity: 8.6 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more… Go to Source
-
CVE-2025-25066 – Cisco nDPI Stack Buffer Overflow Vulnerability
CVE ID : CVE-2025-25066 Published : Feb. 3, 2025, 6:15 a.m. | 1 hour, 49 minutes ago Description : nDPI through 4.12 has a potential stack-based buffer overflow in ndpi_address_cache_restore in lib/ndpi_cache.c. Severity: 8.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more… Go to Source
-
CVE-2025-0366 – “Jupiter X Core WordPress Remote Code Execution Vulnerability”
CVE ID : CVE-2025-0366 Published : Feb. 1, 2025, 6:15 a.m. | 2 days, 1 hour ago Description : The Jupiter X Core plugin for WordPress is vulnerable to Local File Inclusion to Remote Code Execution in all versions up to, and including, 4.8.7 via the get_svg() function. This makes it possible for authenticated attackers, with Contributor-level…
-
How VXLAN encapsulation affects Arm (aarch64) servers
In the previous article, Linux on Arm (aarch64) servers…, we examined flat networks. That is, we used only bare network interfaces and nothing else. That’s a good start, but it is often not the topology used, especially with solutions like OpenStack. So in this installment, let’s evaluate how impactful VXLAN encapsulation can be for throughput…
-
Medical monitoring machines spotted stealing patient data, users warned to pull the plug ASAP
Medical monitoring machines spotted stealing patient data, users warned to pull the plug ASAP Infosec in brief The United States Food and Drug Administration has told medical facilities and caregivers that monitor patients using Contec equipment to disconnect the devices from the internet ASAP … Read more Published Date: Feb 03, 2025 (6 hours, 17 minutes ago)…
-
TheCyberThrone Security Weekly Review – February 01, 2025
TheCyberThrone Security Weekly Review – February 01, 2025 Welcome to TheCyberThrone cybersecurity week in review will be posted covering the important security happenings. This review is for the week ending Saturday, February 01, 2025.Cyber Incidents at Tat … Read more Published Date: Feb 03, 2025 (7 hours, 15 minutes ago) Vulnerabilities has been mentioned in this article. CVE-2025-24480 CVE-2025-24085…
-
Week in review: Apple 0-day used to target iPhones, DeepSeek’s popularity exploited by scammers
Week in review: Apple 0-day used to target iPhones, DeepSeek’s popularity exploited by scammers Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Apple zero-day vulnerability exploited to target iPhone users (CVE-2025-24085) Apple has shipped a fix … Read more Published Date: Feb 02, 2025 (23 hours, 18 minutes ago) Vulnerabilities…
-
LibreOffice 25.2.0 is out! Auto Signature, ODF 1.4, New Theming System
LibreOffice, the popular free open-source office suite, rolls out the new 25.2.0 release! LibreOffice 25.2 is the third release series after switched to date-based version numbering system. The official Flatpak package has been updated for all Linux users, though the announcement is not ready yet at the moment. The new release updated the application theming…